diff --git a/YACOSWeb/WebContent/WEB-INF/applicationContextAcegi.xml b/YACOSWeb/WebContent/WEB-INF/applicationContextAcegi.xml
index 690d63a..569b1c0 100644
--- a/YACOSWeb/WebContent/WEB-INF/applicationContextAcegi.xml
+++ b/YACOSWeb/WebContent/WEB-INF/applicationContextAcegi.xml
@@ -68,12 +68,12 @@ http://www.springframework.org/schema/beans http://www.springframework.org/schem
-
-
-
-
-
-
+
+
+
+
+
+
@@ -137,4 +137,9 @@ http://www.springframework.org/schema/beans http://www.springframework.org/schem
+
+
+
+
+
\ No newline at end of file
diff --git a/YACOSWeb/WebContent/WEB-INF/web.xml b/YACOSWeb/WebContent/WEB-INF/web.xml
index dfe6267..3eaa3da 100644
--- a/YACOSWeb/WebContent/WEB-INF/web.xml
+++ b/YACOSWeb/WebContent/WEB-INF/web.xml
@@ -42,6 +42,11 @@
lazyLoadingFilter
org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter
+
+ lazyLoadingFilter
+ /onverracaplustard
+
+
@@ -88,7 +93,7 @@
SessionService
- org.yacos.web.system.controller.SessionService
+ org.yacos.web.system.session.SessionServiceFilter
diff --git a/YACOSWeb/WebContent/WEB-INF/yacos-servlet.xml b/YACOSWeb/WebContent/WEB-INF/yacos-servlet.xml
index c05c0a3..af9c2ce 100644
--- a/YACOSWeb/WebContent/WEB-INF/yacos-servlet.xml
+++ b/YACOSWeb/WebContent/WEB-INF/yacos-servlet.xml
@@ -84,7 +84,6 @@
-
-
-
-
-
@@ -278,7 +273,7 @@
+ class="org.yacos.web.system.session.SessionService">
@@ -290,4 +285,4 @@
jndi-name="UserManagerBean/remote" cache="true" />
-
\ No newline at end of file
+
diff --git a/YACOSWeb/src/org/yacos/auth/UserDetails.java b/YACOSWeb/src/org/yacos/auth/UserDetails.java
new file mode 100644
index 0000000..103f708
--- /dev/null
+++ b/YACOSWeb/src/org/yacos/auth/UserDetails.java
@@ -0,0 +1,111 @@
+package org.yacos.auth;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.GrantedAuthorityImpl;
+import org.yacos.core.users.Role;
+import org.yacos.core.users.User;
+import org.yacos.web.system.session.SessionService;
+
+public class UserDetails implements org.acegisecurity.userdetails.UserDetails {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ private String login;
+ /**
+ * Password : used for authentication purpose only, is only writable
+ */
+ private String password;
+ /**
+ * First Name of the user
+ */
+ private String firstName;
+ /**
+ * Last name of the user
+ */
+ private String lastName;
+ /**
+ * Organization or lab the user belongs to
+ */
+ private String organization;
+ /**
+ * Active email (has to be used frequently) of the user
+ */
+ private String email;
+
+ public UserDetails(User user) {
+ this.login = user.getLogin();
+ this.password = user.getPassword();
+ this.firstName = user.getFirstName();
+ this.lastName = user.getLastName();
+ this.organization = user.getOrganization();
+ this.email = user.getEmail();
+ }
+
+ public GrantedAuthority[] getAuthorities() {
+ Integer currentConferenceId = SessionService.getInstance().getCurrentConferenceId();
+
+ GrantedAuthority[] authorities = null;
+
+ if(currentConferenceId != null){
+ List rolesList = SessionService.getInstance().getConferenceManager().getRoles(login, currentConferenceId);
+ if(! rolesList.isEmpty()){
+ authorities = new GrantedAuthority[rolesList.size()];
+ }
+
+ for(int i=0;i model1 = new HashMap();
diff --git a/YACOSWeb/src/org/yacos/web/PCmember/controller/ListArticleController.java b/YACOSWeb/src/org/yacos/web/PCmember/controller/ListArticleController.java
index d79c19a..a3ba86f 100644
--- a/YACOSWeb/src/org/yacos/web/PCmember/controller/ListArticleController.java
+++ b/YACOSWeb/src/org/yacos/web/PCmember/controller/ListArticleController.java
@@ -11,7 +11,7 @@ import org.apache.commons.logging.LogFactory;
import java.io.IOException;
import java.util.List;
import org.yacos.web.system.controller.NoConferenceSelectedException;
-import org.yacos.web.system.controller.SessionService;
+import org.yacos.web.system.session.SessionService;
import org.yacos.core.article.Article;
import org.yacos.core.article.IArticleManager;
import org.yacos.core.exceptions.ConferenceDoesntExistException;
@@ -22,8 +22,6 @@ public class ListArticleController extends SimpleFormController {
private IArticleManager articleManager;
- private SessionService sessionService;
-
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException, NoConferenceSelectedException {
@@ -31,7 +29,7 @@ public class ListArticleController extends SimpleFormController {
List listArticle;
try {
- listArticle = articleManager.getArticles(sessionService.getCurrentConferenceId(request));
+ listArticle = articleManager.getArticles(SessionService.getInstance().getCurrentConferenceId());
getServletContext().setAttribute("listArticle", listArticle);
} catch (ConferenceDoesntExistException e) {
logger.error(e.getMessage());
@@ -47,11 +45,4 @@ public class ListArticleController extends SimpleFormController {
public void setArticleManager(IArticleManager articleManager) {
this.articleManager = articleManager;
}
-
- public SessionService getSessionService() {
- return sessionService;
- }
- public void setSessionService(SessionService sessionService) {
- this.sessionService = sessionService;
- }
}
\ No newline at end of file
diff --git a/YACOSWeb/src/org/yacos/web/author/controller/SArticleController.java b/YACOSWeb/src/org/yacos/web/author/controller/SArticleController.java
index b2a2e00..670f55d 100644
--- a/YACOSWeb/src/org/yacos/web/author/controller/SArticleController.java
+++ b/YACOSWeb/src/org/yacos/web/author/controller/SArticleController.java
@@ -16,7 +16,7 @@ import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.SimpleFormController;
import org.springframework.web.servlet.view.RedirectView;
-import org.yacos.web.system.controller.SessionService;
+import org.yacos.web.system.session.SessionService;
import org.yacos.core.article.Article;
import org.yacos.core.article.IArticleManager;
import org.yacos.core.conferences.Conference;
@@ -29,16 +29,15 @@ public class SArticleController extends SimpleFormController {
protected final Log logger = LogFactory.getLog(getClass());
private IArticleManager articleManager;
- private SessionService sessionService;
public ModelAndView onSubmit(HttpServletRequest request,
HttpServletResponse response, Object command, BindException errors)
throws ServletException, IllegalStateException {
// Fetching conference
- Conference conf = sessionService.getCurrentConference(request);
+ Conference conf = SessionService.getInstance().getCurrentConference();
// Fetching user
- User user = sessionService.getCurrentUser(request);
+ User user = SessionService.getInstance().getCurrentUser();
String title = ((FormSubmission) command).getTitle();
String theme = ((FormSubmission) command).getTheme();
@@ -95,12 +94,4 @@ public class SArticleController extends SimpleFormController {
public void setArticleManager(IArticleManager articleManager) {
this.articleManager = articleManager;
}
-
- public SessionService getSessionService() {
- return sessionService;
- }
-
- public void setSessionService(SessionService sessionService) {
- this.sessionService = sessionService;
- }
}
\ No newline at end of file
diff --git a/YACOSWeb/src/org/yacos/web/system/controller/ChooseConferenceController.java b/YACOSWeb/src/org/yacos/web/system/controller/ChooseConferenceController.java
index 8e7f0d6..0ba747c 100644
--- a/YACOSWeb/src/org/yacos/web/system/controller/ChooseConferenceController.java
+++ b/YACOSWeb/src/org/yacos/web/system/controller/ChooseConferenceController.java
@@ -4,26 +4,18 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.Controller;
+import org.yacos.web.system.session.SessionService;
public class ChooseConferenceController implements Controller {
- private SessionService sessionService;
-
- public SessionService getSessionService() {
- return sessionService;
- }
-
- public void setSessionService(SessionService sessionService) {
- this.sessionService = sessionService;
- }
public ModelAndView handleRequest(HttpServletRequest request,
HttpServletResponse response) throws Exception {
- // get IDConf
+ // get IDConf
int idConf = Integer.parseInt(request.getParameter("idConf"));
// Set idConf in session context
- sessionService.setCurrentConferenceId(request, idConf);
+ SessionService.getInstance().setCurrentConferenceId(idConf);
return new ModelAndView("main");
}
diff --git a/YACOSWeb/src/org/yacos/web/system/controller/SUserRegistrationController.java b/YACOSWeb/src/org/yacos/web/system/controller/SUserRegistrationController.java
index ded8a16..0349832 100644
--- a/YACOSWeb/src/org/yacos/web/system/controller/SUserRegistrationController.java
+++ b/YACOSWeb/src/org/yacos/web/system/controller/SUserRegistrationController.java
@@ -13,6 +13,7 @@ import org.springframework.web.servlet.view.RedirectView;
import org.yacos.core.users.IUserManager;
import org.yacos.core.users.User;
import org.yacos.web.system.form.FormUser;
+import org.yacos.web.system.session.SessionService;
/**
* FormController class for the user Sign In scenario (user registration)
@@ -24,17 +25,6 @@ import org.yacos.web.system.form.FormUser;
*/
public class SUserRegistrationController extends SimpleFormController {
private IUserManager userManager;
-
- private SessionService sessionService;
-
- public SessionService getSessionService() {
- return sessionService;
- }
-
- public void setSessionService(SessionService sessionService) {
- this.sessionService = sessionService;
- }
-
/**
* @see org.springframework.web.servlet.mvc.SimpleFormController#onSubmit(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.validation.BindException)
*/
@@ -45,7 +35,7 @@ public class SUserRegistrationController extends SimpleFormController {
FormUser userCommand = (FormUser) command;
// Tries to retrieve the current user : case of user modification
- User user = sessionService.getCurrentUser(request);
+ User user = SessionService.getInstance().getCurrentUser();
if( (userCommand.getIsNew()) && (userManager.getUser(userCommand.getLogin()) != null)){
errors.rejectValue("login", "form.register.error.alreadyExists");
@@ -87,9 +77,9 @@ public class SUserRegistrationController extends SimpleFormController {
User currentUser = new User();
user.setIsNew(true);
// TODO : see how JAAS could change the way of getting the current User
- if(sessionService.isUserLogged(request)){
+ if(SessionService.getInstance().isUserLogged()){
// If he is logged, we use his profile information to fill the form
- currentUser = (User) sessionService.getCurrentUser(request);
+ currentUser = (User) SessionService.getInstance().getCurrentUser();
user.setIsNew(false);
}
diff --git a/YACOSWeb/src/org/yacos/web/system/controller/SessionService.java b/YACOSWeb/src/org/yacos/web/system/session/SessionService.java
similarity index 68%
rename from YACOSWeb/src/org/yacos/web/system/controller/SessionService.java
rename to YACOSWeb/src/org/yacos/web/system/session/SessionService.java
index df852c4..3ab801f 100644
--- a/YACOSWeb/src/org/yacos/web/system/controller/SessionService.java
+++ b/YACOSWeb/src/org/yacos/web/system/session/SessionService.java
@@ -1,17 +1,9 @@
-package org.yacos.web.system.controller;
-
-import java.io.IOException;
+package org.yacos.web.system.session;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.springframework.web.util.WebUtils;
import org.yacos.core.conferences.Conference;
@@ -24,9 +16,11 @@ import org.yacos.core.users.User;
* @author christiancorsano
*
*/
-public class SessionService implements Filter {
- private static ServletContext servletContext = null;
- private static HttpServletRequest request = null;
+public class SessionService {
+ private static SessionService instance = new SessionService();
+
+ protected static ServletContext servletContext = null;
+ protected static HttpServletRequest request = null;
private IConferenceManager conferenceManager;
private IUserManager userManager;
@@ -34,14 +28,21 @@ public class SessionService implements Filter {
private User currentUser;
private Conference currentConference;
- public SessionService(){
+ private SessionService(){
+ }
+
+ public static SessionService getInstance(){
+ if(instance == null){
+ instance = new SessionService();
+ }
+ return instance;
}
/**
* Init method to be called at filter time
* Makes the sessionAttributes available in the request context
*/
- private void init(){
+ protected void init(){
if(request != null && servletContext != null){
try {
if(userManager == null || conferenceManager == null){
@@ -51,10 +52,10 @@ public class SessionService implements Filter {
}
// Put the current conference in the request context to make it accessible in JSPs
// This avoid to put the whole object in the session
- request.setAttribute("currentConference", getCurrentConference(request));
+ request.setAttribute("currentConference", getCurrentConference());
// Put the current conference in the request context to make it accessible in JSPs
// This avoid to put the whole object in the session
- request.setAttribute("currentUser", getCurrentUser(request));
+ request.setAttribute("currentUser", getCurrentUser());
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
@@ -85,7 +86,7 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @return The current conference id
*/
- public Integer getCurrentConferenceId(HttpServletRequest request) {
+ public Integer getCurrentConferenceId() {
// Retrieve the ID from the session
Integer confId = (Integer) WebUtils.getSessionAttribute(request, "currentConferenceId");
return confId;
@@ -96,7 +97,7 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @param currentConferenceId The id to set as the new current conference
*/
- public void setCurrentConferenceId(HttpServletRequest request,Integer currentConferenceId) {
+ public void setCurrentConferenceId(Integer currentConferenceId) {
WebUtils.setSessionAttribute(request, "currentConferenceId", currentConferenceId);
currentConference = conferenceManager.getConference(currentConferenceId);
request.setAttribute("currentConference", currentConference);
@@ -107,8 +108,8 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @param c The conference object to set as current
*/
- public void setCurrentConference(HttpServletRequest request, Conference c){
- setCurrentConferenceId(request, c.getId() );
+ public void setCurrentConference(Conference c){
+ setCurrentConferenceId( c.getId() );
currentConference = c;
}
@@ -117,8 +118,8 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @return The conference object
*/
- public Conference getCurrentConference(HttpServletRequest request){
- Integer id = getCurrentConferenceId(request);
+ public Conference getCurrentConference(){
+ Integer id = getCurrentConferenceId();
// The currentConference can be out to date : force the update
if(currentConference != null && id != currentConference.getId()){
@@ -136,9 +137,9 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @param currentUser The new current user to set
*/
- public void setCurrentUser(HttpServletRequest request,User currentUser) {
+ public void setCurrentUser(User currentUser) {
this.currentUser = currentUser;
- this.setCurrentUserLogin(request,currentUser.getLogin());
+ this.setCurrentUserLogin(currentUser.getLogin());
}
/**
@@ -146,7 +147,7 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @param login The new current user login
*/
- public void setCurrentUserLogin(HttpServletRequest request, String login) {
+ public void setCurrentUserLogin(String login) {
WebUtils.setSessionAttribute(request, "currentUserLogin", login);
currentUser = userManager.getUser(login);
request.setAttribute("currentUser", currentUser);
@@ -159,7 +160,7 @@ public class SessionService implements Filter {
* @param request The current HTTP request object, necessary for session operations
* @return The current user login
*/
- public String getCurrentUserLogin(HttpServletRequest request){
+ public String getCurrentUserLogin(){
// Retrieve the login from the session
String login = (String) WebUtils.getSessionAttribute(request, "currentUserLogin");
return login;
@@ -167,12 +168,11 @@ public class SessionService implements Filter {
/**
* Get (if necessary) and returns the current user object
- * @param request The current HTTP request object, necessary for session operations
* @return The current User
*/
- public User getCurrentUser(HttpServletRequest request) {
+ public User getCurrentUser() {
// Retrieve the login from the session
- String login = this.getCurrentUserLogin(request);
+ String login = this.getCurrentUserLogin();
// The user can be out to date : force the update
if(currentUser != null && (! currentUser.getLogin().equals(login)) ){
@@ -180,7 +180,7 @@ public class SessionService implements Filter {
}
// Check if the user object is already in cache
- if(currentUser == null || (this.getCurrentUser(request).getLogin().equals(login)) ){
+ if(currentUser == null || (this.getCurrentUser().getLogin().equals(login)) ){
// Checks login for validity
if(login == null || login.equals("")){
currentUser = null;
@@ -194,42 +194,27 @@ public class SessionService implements Filter {
/**
* Returns whether the user is logged (is there a current User for this session)
- * @param request The current HTTP request object, necessary for session operations
* @return true if there's a current user in the session, false otherwise
*/
- public boolean isUserLogged(HttpServletRequest request){
- return getCurrentUser(request) != null;
- }
-
- /* ========================= */
- /* = Filter implementation = */
- /* ========================= */
-
- /**
- * Inits the filter, and set the servletContext for this session service
- */
- public void init(FilterConfig config) throws ServletException {
- SessionService.servletContext = config.getServletContext();
- }
-
- /**
- * Fetch the current session data so that every JSP has access to it
- */
- public void doFilter(ServletRequest request, ServletResponse response,
- FilterChain chain) throws IOException, ServletException {
- if(request instanceof HttpServletRequest){
- SessionService.request = (HttpServletRequest) request;
- init();
- }
-
- chain.doFilter(request, response);
+ public boolean isUserLogged(){
+ return getCurrentUser() != null;
}
/**
- * Clean the static attributes
+ * Puts an object in the session
+ * @param name The name of the attribute in the session
+ * @param attribute The attribute object
*/
- public void destroy() {
- SessionService.servletContext = null;
- SessionService.request = null;
+ public void setSessionAttribute(String name, Object attribute){
+ WebUtils.setSessionAttribute(request, name, attribute);
+ }
+
+ /**
+ * Retrieves an object from the Session
+ * @param name The name of the attribute to retrieve
+ * @return The attribute object
+ */
+ public Object getSessionAttribute(String name){
+ return WebUtils.getSessionAttribute(request, name);
}
}
diff --git a/YACOSWeb/src/org/yacos/web/system/session/SessionServiceFilter.java b/YACOSWeb/src/org/yacos/web/system/session/SessionServiceFilter.java
new file mode 100644
index 0000000..5a8262b
--- /dev/null
+++ b/YACOSWeb/src/org/yacos/web/system/session/SessionServiceFilter.java
@@ -0,0 +1,47 @@
+package org.yacos.web.system.session;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Filter to initialize the SessionService singleton
+ * @author christiancorsano
+ *
+ */
+public class SessionServiceFilter implements Filter {
+ /**
+ * Inits the filter, and set the servletContext for this session service
+ */
+ public void init(FilterConfig config) throws ServletException {
+ SessionService.servletContext = config.getServletContext();
+ }
+
+ /**
+ * Puts the request object into SessionService and tells it to init
+ */
+ public void doFilter(ServletRequest request, ServletResponse response,
+ FilterChain chain) throws IOException, ServletException {
+ if(request instanceof HttpServletRequest){
+ SessionService.request = (HttpServletRequest) request;
+ SessionService.getInstance().init();
+ }
+
+ // Continue the filter chain
+ chain.doFilter(request, response);
+ }
+
+ /**
+ * Clean the static attributes
+ */
+ public void destroy() {
+ SessionService.servletContext = null;
+ SessionService.request = null;
+ }
+}
\ No newline at end of file